puppet-keystone

/etc/httpd/conf.d/10-keystone_wsgi.conf, wrong value of OIDCCacheShmMax

Bug #2054308 reported by Francesco Di Nucci on 2024-02-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	puppet-keystone	Fix Released	High	Takashi Kajinami

Maybe related to #2054306
Switched from 2023.1 to 2023.2, keystone setup fails with the error:

OIDCCacheShmMax takes one argument, Maximum number of cache entries to use for "shm" caching

Because even if in the EYAML there is declared

keystone::federation::openidc::openidc_cache_shm_max: '33297'

the variable is not evaluated correctly, and the resulting /etc/httpd/conf.d/10-keystone_wsgi.conf contains:

OIDCCacheType memcache
OIDCCacheShmMax scope['::keystone::federation::openidc::openidc_cache_shm_max'] %>
OIDCMemCacheServers "127.0.0.1:11211"

And obviously it's not a valid value

Revision history for this message

Takashi Kajinami (kajinamit) wrote on 2024-02-19:

It seems the problem was added 6 years back when these parameters were initially added...
https://review.opendev.org/c/openstack/puppet-keystone/+/577420

Revision history for this message

Changed in puppet-keystone:
status:	New → In Progress

Takashi Kajinami (kajinamit) on 2024-02-19

Changed in puppet-keystone:
importance:	Undecided → High
assignee:	nobody → Takashi Kajinami (kajinamit)

Revision history for this message

commit 30f50ce8fdf56b2332ec8ea8bb6a48f7fa73b916
Author: Takashi Kajinami <email address hidden>
Date: Mon Feb 19 22:29:26 2024 +0900

Fix broken rendering of OIDC Options

... and also fix a typo in redis password option.

Closes-Bug: #2054308
Change-Id: I41d3efd265305e80c453e7f042797881319c5047

Changed in puppet-keystone:
status:	In Progress → Fix Released

Revision history for this message

This issue was fixed in the openstack/puppet-keystone 24.0.0 release.

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Bug watches keep track of this bug in other bug trackers.